Trium918 Posted May 30, 2007 Share Posted May 30, 2007 Will the script below destroy the $_SESSION['id']; even if it isn't being tested against isset() and empty() ? <?php if (!empty($_SESSION['valid_user']) && !empty($_SESSION['password'])) { if (isset($_SESSION['valid_user']) && isset($_SESSION['password'])) { unset($_SESSION['user']); unset($_SESSION['pwd']); unset($_SESSION['id']); // DESTROY $_SESSION = array(); // reset session array session_destroy(); // destroy session. echo "<p class='genmed'>Logged out.</p><br>"; do_html_url("login.php", "Login"); } else { // they were logged in and could not be logged out echo "Could not log you out.<br>"; } } else { // if they weren't logged in but came to this page somehow if(!$logged_in){ echo "<p class='genmed'>You were not logged in, and so have not been logged out.</p><br>"; do_html_url("login.php", "Login");; } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/ Share on other sites More sharing options...
pocobueno1388 Posted May 31, 2007 Share Posted May 31, 2007 It should be. Why don't you test it? Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/#findComment-265279 Share on other sites More sharing options...
Trium918 Posted May 31, 2007 Author Share Posted May 31, 2007 It should be. Why don't you test it? And how is that done? Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/#findComment-265281 Share on other sites More sharing options...
pocobueno1388 Posted May 31, 2007 Share Posted May 31, 2007 Register the session ID, then after you perform the above script, try echoing it out somewhere to see if it still exists. or... <?php if (isset($_SESSION['id'])){ echo "It is still there..."; } else { echo "It was destroyed."; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/#findComment-265284 Share on other sites More sharing options...
Trium918 Posted May 31, 2007 Author Share Posted May 31, 2007 Register the session ID, then after you perform the above script, try echoing it out somewhere to see if it still exists. or... <?php if (isset($_SESSION['id'])){ echo "It is still there..."; } else { echo "It was destroyed."; } ?> I tested it twice. I tested it onced on the logout page, and it echo "It was destroyed". The second time I tested it I added the code you gave me to the members page where the session is set and it echo "It was destroyed" also. What can I try next? Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/#findComment-265292 Share on other sites More sharing options...
marcus Posted May 31, 2007 Share Posted May 31, 2007 When the sessions are granted parameters, are you using session_start(), or just creating them out of the blue? And plus the following isn't really necessary: unset($_SESSION['user']); unset($_SESSION['pwd']); unset($_SESSION['id']); // DESTROY $_SESSION = array(); // reset session array session_destroy(); // destroy session. Just have something like: <?php session_start(); if (!empty($_SESSION['valid_user']) && !empty($_SESSION['password'])) //this and the next line two down from there are exactly the same, if the value ISNT empty, meaning it's set, so isset is useless { if (isset($_SESSION['valid_user']) && isset($_SESSION['password'])) { session_destroy(); // destroy session. echo "<p class='genmed'>Logged out.</p><br>"; do_html_url("login.php", "Login"); } else { // they were logged in and could not be logged out echo "Could not log you out.<br>"; } } else { // if they weren't logged in but came to this page somehow if(!$logged_in){ //where is this variable defined? echo "<p class='genmed'>You were not logged in, and so have not been logged out.</p><br>"; do_html_url("login.php", "Login"); //only needed one end quote there } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/#findComment-265294 Share on other sites More sharing options...
pocobueno1388 Posted May 31, 2007 Share Posted May 31, 2007 Oh duh... session_destroy() destroys ALL sessions you set on the users computer. Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/#findComment-265301 Share on other sites More sharing options...
Trium918 Posted May 31, 2007 Author Share Posted May 31, 2007 Oh duh... session_destroy() destroys ALL sessions you set on the users computer. Meaning what? That every session gets destroyed when the user log out? Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/#findComment-265303 Share on other sites More sharing options...
marcus Posted May 31, 2007 Share Posted May 31, 2007 When the function is called, it destroys all sessions for that accessed website. Quote Link to comment https://forums.phpfreaks.com/topic/53665-logging-out-help/#findComment-265305 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.